One of the more monetizable parts of Twitter is in my opinion its user data.  Think of the possibilities.  If you are dealing with someone you have not met and he or she uses Twitter, it may be valuable to obtain a profile of this person.  (Sounds creepy and too Art of War-ish, but I'm betting people would go for it.)  How about Starbucks ordering up customer profiles for everyone in a certain area who drinks vanilla lattes?  Some of this can be pretty easily accomplished using Twitter search.  However, Twitter's search seems choppy in practice (e.g., some people don't show up and searches only go back so far).
 
Along these lines, there were a couple of stories this week about Twitter psych analysis tools (TweetPsych) offered by third parties.  (ReadWriteWeb; Dan Zarella)  Using TweetPsych you can enter anyone's Twitter ID and obtain a rough profile that breaks down the type of cognitive and emotional content expressed by the person in Tweets.  Always interesting to think about the privacy implications of this. 

My first thought is that people reveal far more than they think they do through Twitter and other social media.  People always tend to limit the information they disclose on a per-Tweet basis, but if you put a person's entire Twitter feed together you are likely to get a bigger picture containing details about the person which the person probably didn't think they revealed through Twitter.  Of course you can also link a person's Twitter, Facebook, and other accounts and get even more personal.  That could be where this is ultimately headed.

Out of curiosity, I looked to see what Twitter's privacy policy says about all of this?  Nada.  Twitter's privacy policy doesn't clearly distinguish between the information you provide upon registration or in your profile and the information you transmit via the service.  The policy says it exists to provide users of Twitter's information regarding Twitter's "collection, use and disclosure of":

personally identifiable information received from users of [the Twitter website] or collected through [its] social networking service.

I think this refers to the information you submit when you sign up, or in your profile and to information "collected" by Twitter, but I'm not sure.  As for disclosure, the policy states that it engages "certain trusted third parties" to perform various functions, including "hosting and maintenance, customer relationship, database storage and management, and direct marketing campaigns."  Twitter will share a user's "personally identifiable information" with these third parties, but only to the extent necessary for the third parties to perform these functions, and in circumstances under which the third parties are required to maintain "the privacy and security of [the user's] data."  The policy arguably doesn't apply to information transmitted by an end user through the service, but even if it did, the policy contains a pretty broad range of disclosure to third parties. 

Given how courts have treated privacy policies as not creating enforceable obligations and have rejected claims for damages based on violations of privacy policies (see, e.g., Cherny v. Emigrant Bank; Pinero v. Jackson Hewitt Tax Services Inc.), analysis of Twitter's privacy policy is largely academic.  But it's interesting to note what the policy does or doesn't say about turning over a user's Twitter feed en masse to a third party for purposes of analysis. 

Previous post:  "Twitter + Facebook Combination: Privacy Issues"

[Correction:  as someone points out via email, analysis of the privacy policy is obviously not academic . . . the big bad FTC could come cracking down on you.  It's just that an end user cause of action isn't terribly viable.  Also, I'm speaking strictly from the standpoint of U.S. law.  EU rules are much more protective, and it's anyone's guess as to how things look through the lens of the EU rules.  See, e.g., All Facebook: "Will Facebook Face Tougher Privacy Restrictions in Europe?"]